package com.zjj.controller;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;

import com.zjj.util.MyMD5Util;

@Controller
public class IndexController {

	@RequestMapping({ "/", "/index" })
	public String index() {
		return "/index";
	}

	@RequestMapping("/login")
	public String login(@RequestParam(required=false) String username, @RequestParam(required=false) String password, ModelMap map) {
		System.out.println("IndexController.login()");
		String msg = "";
		try {
			Subject subject = SecurityUtils.getSubject();
			String passwordMD5 = MyMD5Util.getStrToMD5(password);
			UsernamePasswordToken token = new UsernamePasswordToken(username, passwordMD5);
			subject.login(token);
			msg = "登录成功！";
			return "redirect:/index";
		} catch (Exception e) {
			msg = e.getMessage();
		}
		map.put("msg", msg);
		return "login";
	}
	
	@RequestMapping("/logout")
	public String logout() {
		Subject subject = SecurityUtils.getSubject();
		subject.logout();
		return "login";
	}

	@RequestMapping("/403")
	public String unauthorizedRole() {
		System.out.println("------没有权限-------");
		return "403";
	}
}
